6 matches found
CVE-2024-48548
The APK file in Cloud Smart Lock v2.0.1 has a leaked a URL that can call an API for binding physical devices. This vulnerability allows attackers to arbitrarily construct a request to use the app to bind to unknown devices by finding a valid serial number via a bruteforce attack...
CVE-2024-48548
The APK file in Cloud Smart Lock v2.0.1 has a leaked a URL that can call an API for binding physical devices. This vulnerability allows attackers to arbitrarily construct a request to use the app to bind to unknown devices by finding a valid serial number via a bruteforce attack...
CVE-2024-48548
CVE-2024-48548 affects Cloud Smart Lock v2.0.1 where an APK leaks a URL that can call the Bind to Physical Device API. This enables an attacker to arbitrarily construct requests to bind to unknown devices by bruteforcing a valid serial number, effectively exposing a vulnerability with a local att...
CVE-2024-48548
The APK file in Cloud Smart Lock v2.0.1 has a leaked a URL that can call an API for binding physical devices. This vulnerability allows attackers to arbitrarily construct a request to use the app to bind to unknown devices by finding a valid serial number via a bruteforce attack...
PT-2024-33146 · Unknown · Cloud Smart Lock
Name of the Vulnerable Software and Affected Versions: Cloud Smart Lock version 2.0.1 Description: The issue concerns a leaked URL in the APK file that can be used to call an API for binding physical devices. This allows attackers to construct requests to bind the app to unknown devices by findin...
CVE-2024-48548
The APK file in Cloud Smart Lock v2.0.1 has a leaked a URL that can call an API for binding physical devices. This vulnerability allows attackers to arbitrarily construct a request to use the app to bind to unknown devices by finding a valid serial number via a bruteforce attack...